Ask Your Question
0

can't ssh/ping floating ip of instance

asked 2014-04-27 08:32:23 -0500

alphaz gravatar image

updated 2014-04-27 08:57:07 -0500

larsks gravatar image

Environment: Centos6.5+RDO+havana

I create a instace successfully with (public ip:192.168.226.101,private ip:10.10.10.2). I can ping private ip but I can't ping public ip. I found following information from my dashboard. status of 192.xxx.xxx.xxx are DOWN, status of 10.xx.xx.xx are Active. I'm a newer for openstack.could some help to tell me the solution? or you can tell me how to debug this issue?

(02b8a649)      192.168.226.100 network:router_gateway  DOWN    UP  Edit Port
(566a3ad7)      192.168.226.102 network:floatingip  DOWN    UP  Edit Port
(660d4ae8)      192.168.226.101 network:floatingip  DOWN    UP  Edit Port

private net interface

(29c7c3bb)      10.10.10.2          compute:nova                    ACTIVE  UP  Edit Port
(3055a9a8)      10.10.10.1          network:router_interface    ACTIVE  UP  Edit Port
(a6a7d763)      10.10.10.254    network:router_interface    ACTIVE  UP  Edit Port
(f8781dd1)      10.10.10.3          network:dhcp                    ACTIVE  UP  Edit Port


[root@alpha ~(keystone_admin)]# openstack-status
== Nova services ==
openstack-nova-api:                     active
openstack-nova-cert:                    active
openstack-nova-compute:                 active
openstack-nova-network:                 dead      (disabled on boot)
openstack-nova-scheduler:               active
openstack-nova-conductor:               active
== Glance services ==
openstack-glance-api:                   active
openstack-glance-registry:              active
== Keystone service ==
openstack-keystone:                     active
== Horizon service ==
openstack-dashboard:                    active
== neutron services ==
neutron-server:                         active
neutron-dhcp-agent:                     active
neutron-l3-agent:                       active
neutron-metadata-agent:                 active
neutron-lbaas-agent:                    inactive  (disabled on boot)
neutron-openvswitch-agent:              active
== Swift services ==
openstack-swift-proxy:                  active
openstack-swift-account:                active
openstack-swift-container:              active
openstack-swift-object:                 active
== Cinder services ==
openstack-cinder-api:                   active
openstack-cinder-scheduler:             active
openstack-cinder-volume:                active
== Ceilometer services ==
openstack-ceilometer-api:               active
openstack-ceilometer-central:           active
openstack-ceilometer-compute:           active
openstack-ceilometer-collector:         active
openstack-ceilometer-alarm-notifier:    active
openstack-ceilometer-alarm-evaluator:   active
== Support services ==
mysqld:                                 active
libvirtd:                               active
openvswitch:                            active
messagebus:                             active
tgtd:                                   active
qpidd:                                  active
memcached:                              active
== Keystone users ==
+----------------------------------+------------+---------+--------------------------+
|                id                |    name    | enabled |          email           |
+----------------------------------+------------+---------+--------------------------+
| 203938cc33b440f0b11927fd025c53f4 |   admin    |   True  |      test@test.com       |
| c7d5dbd22f5549689cd118484f7afacb |   alphaz   |   True  | alpha.zhang@centling.com |
| c1366e2f3cc94e558861fa6b08d84914 | ceilometer |   True  |   ceilometer@localhost   |
| 442cb4e41ec344cf8d9e418f40450f18 |   cinder   |   True  |     cinder@localhost     |
| 67600fa19a62438d8f67f0378595c71c |   glance   |   True  |     glance@localhost     |
| 6aa5560877864193a080557dca52b0d8 |  neutron   |   True  |    neutron@localhost     |
| f4e4f3783b0f484fb8f14aa95064f249 |    nova    |   True  |      nova@localhost      |
| 2f819f003fa44ba684cd59de3efd3b70 |   swift    |   True  |     swift@localhost      |
+----------------------------------+------------+---------+--------------------------+
== Glance images ==

+--------------------------------------+------+-------------+------------------+-----------+--------+
| ID                                   | Name | Disk Format | Container Format | Size      | Status |
+--------------------------------------+------+-------------+------------------+-----------+--------+
| 1333c7da-c410-4395-b0b9-2e10ef05d2c8 | net  | qcow2       | bare             | 260243968 | active |
+--------------------------------------+------+-------------+------------------+-----------+--------+
== Nova managed services ==
+------------------+--------------------+----------+---------+-------+----------------------------+-----------------+
| Binary           | Host               | Zone     | Status  | State | Updated_at                 | Disabled Reason |
+------------------+--------------------+----------+---------+-------+----------------------------+-----------------+
| nova-consoleauth | alpha.centling.com | internal | enabled | up    | 2014-04-26T02:24:23.000000 | -               |
| nova-conductor   | alpha.centling.com | internal | enabled | up    | 2014-04-26T02:24:23.000000 | -               |
| nova-scheduler   | alpha.centling.com | internal | enabled | up    | 2014-04-26T02:24:23.000000 | -               |
| nova-compute     | alpha.centling.com | nova     | enabled | up    | 2014-04-26T02:24:23.000000 | -               |
| nova-cert        | alpha.centling.com | internal | enabled | up    | 2014-04-26T02:24:23.000000 | -               |
+------------------+--------------------+----------+---------+-------+----------------------------+-----------------+
== Nova networks ==
+--------------------------------------+-------+------+
| ID                                   | Label | Cidr |
+--------------------------------------+-------+------+
| 3e92a5bf-6587-46d6-9e68-46e67c01becb | net2  | -    |
| 9a3566ce-bba7-4f9c-9cf6-c0a716a5e456 | net1  | -    |
+--------------------------------------+-------+------+
== Nova instance flavors ==
+----+-----------+-----------+------+-----------+------+-------+-------------+-----------+
| ID | Name      | Memory_MB | Disk | Ephemeral | Swap | VCPUs | RXTX_Factor | Is_Public |
+----+-----------+-----------+------+-----------+------+-------+-------------+-----------+
| 1  | m1.tiny   | 512       | 1    | 0         |      | 1     | 1.0         | True      |
| 2  | m1.small  | 2048      | 20   | 0         |      | 1     | 1.0         | True      |
| 3  | m1.medium | 4096      | 40   | 0         |      | 2     | 1.0         | True      |
| 4  | m1.large  | 8192      | 80   | 0         |      | 4     | 1.0         | True      |
| 5  | m1.xlarge | 16384     | 160  | 0         |      | 8     | 1.0         | True      |
+----+-----------+-----------+------+-----------+------+-------+-------------+-----------+
== Nova instances ==
+--------------------------------------+------+--------+------------+-------------+----------------------------------+
| ID                                   | Name | Status | Task State | Power State | Networks                         |
+--------------------------------------+------+--------+------------+-------------+----------------------------------+
| da38397a-4fb0-4331-a289-99384b2a5c31 | 1234 | ACTIVE | -          | Running     | net1=192.168.226.106             |
| 52182671-30f3-48b0-b7c6-2b9eb385ced2 | net  | ACTIVE | -          | Running     | net2=10.10.10.2, 192.168.226.101 |
+--------------------------------------+------+--------+------------+-------------+----------------------------------+



br-ex     Link encap:Ethernet ...
(more)
edit retag flag offensive close merge delete
add a comment

1 answer

Sort by ยป oldest newest most voted
0

answered 2014-04-27 09:16:32 -0500

dbaxps gravatar image 
Source keystonerc_demo ( or keystonerc_user1 , user should be created before for particlular tenant) 

 $ cat >> ~/keystonerc_admin <<EOF
  export OS_USERNAME=admin
  export OS_TENANT_NAME=admin
  export OS_PASSWORD=xxxxxxxx
  export OS_AUTH_URL=http://192.168.1.127:35357/v2.0/
  export PS1='[\u@\h \W(keystone_admin)]\$ '
  EOF

  $ . keystonerc_admin

  $ keystone user-create --name user1 --pass xxxxxx1
  WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
  +----------+----------------------------------+
  | Property |              Value               |
  +----------+----------------------------------+
  |  email   |                                  |
  | enabled  |               True               |
  |    id    | 1c18b2231aa34dbe9c31cd390aaedb42 |
  |   name   |             user1              |
  +----------+----------------------------------+

  $ keystone role-create --name user
  WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
  +----------+----------------------------------+
  | Property |              Value               |
  +----------+----------------------------------+
  |    id    | 6fac6b1cd0c24ba0a949d12acc757311 |
  |   name   |               user               |
  +----------+----------------------------------+

  $ keystone tenant-create --name ostenant
  WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
  +-------------+----------------------------------+
  |   Property  |              Value               |
  +-------------+----------------------------------+
  | description |                                  |
  |   enabled   |               True               |
  |      id     | 2c845a6ad20e45ccb0b045cee27a9661 |
  |     name    |             ostenant             |
  +-------------+----------------------------------+

  $ keystone user-role-add --user user1 \
  --role user --tenant ostenant

$ cat >> ~/keystonerc_user1 <<EOF
  export OS_USERNAME=user1
  export OS_TENANT_NAME=ostenant
  export OS_PASSWORD=xxxxxxx1
  export OS_AUTH_URL=http://192.168.1.127:35357/v2.0/
  export PS1='[\u@\h \W(keystone_user1)]\$ '
  EOF


     and run :

     Add the security rules
    ----------------------

     $ neutron security-group-rule-create --protocol icmp  --direction ingress --remote-ip-prefix 0.0.0.0/0 default
     $ neutron security-group-rule-create --protocol tcp   --port-range-min 22 --port-range-max 22  --direction ingress    --remote-ip-prefix 0.0.0.0/0  default

  Or add security rules via dashboard :

Add security rules for ICMP and TCP

edit flag offensive delete link more

Comments

Regarging "(02b8a649) 192.168.226.100 network:router_gateway DOWN UP Edit Port"
Please,view report from working system here
It's normal. VM with floating IP 192.168.110 is currently up and runnig.

dbaxps gravatar imagedbaxps ( 2014-04-27 09:56:48 -0500 )edit
add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

subscribe to rss feed

Stats

Asked: 2014-04-27 08:32:23 -0500

Seen: 1,043 times

Last updated: Apr 27 '14

Related questions

can't ping or ssh cirros vm floating ip

can't remove router, spanning tree

I can ping private IP. but I can't ping floating ip

Can't start up VMs when flavor is bigger than Small [closed]

Cant ping floating ip

openstack cannot ping router & instance cannot ping router

CentOS - SSH Private Key - Permission denied

Not able to ssh VMs on compute node (instance console is also not available on horizon)

FloatingIP public subnet association within Heat

external bridge is crazy